before the point at which it's added to the protocol tree.
Put the ATM channel in the ATM tree rather than the top-level tree.
Fix the name for the CPI field (copy-and-pasteo).
svn path=/trunk/; revision=48015
instead of using DISSECTOR_ASSERT. When a dissector passes bad data to the
reassembly machine, that isn't necessarily the dissector's fault - the data may
come straight from the packet, and the dissector may not have enough information
to know it's bad without telling the reassembly machine in the first place.
Also fix a bug in the reassembly machine. If it were given a fragment and all of
the following conditions were met:
- the other associated fragments were already marked as done (reassembled)
- the fragment went beyond the end of the conceptual reassembled buffer
- the dissector had not set the PARTIAL_REASSEMBLY flag
then the reassembly machine would incorrectly think there was an overlap and
run past the end of the already-reassembled buffer.
Should fix the rest of
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8380
#BACKPORT
This is probably too big and intrusive to backport directly, and parts of it
will need adapting anyways since reassemble.c has changed. But the bug exists
and crashes in 1.6 and 1.8, so we'll have to do something.
svn path=/trunk/; revision=48011
1. Convert proto_tree_add_text to proto_tree_add_item/expert info
2. Change to "new style" dissector
3. Use standard malformed packet interface
Reviewed by Francesco Fondelli
svn path=/trunk/; revision=48009
Centralize logic related to per-interface conversations, and expose it for use
by class-specific dissectors.
Class-specific descriptor dissectors also need to know the interface in whose
context they are called to work.
This is a prerequisite for a USB Video Class dissector, which needs to decode
many class-specific descriptors.
svn path=/trunk/; revision=47990
New dissector for the honeypot-feeds protocol.
From me: Misc. tweaks to expert info layout and remove a few unneeded initializers.
svn path=/trunk/; revision=47962
commented-out/#if-ed-out "Data1" field, as it's the same field.
Give the flags in that field names including "flags".
Shuffle the fields around to put "Flags" (a/k/a Data1) where Data1 was,
and put the bits in that field after it.
Update the URL for the spec at IBM.
Reformat the entries in hf_netb[] to use the same style.
svn path=/trunk/; revision=47933
A detailed diagnostic information contains either a SMS-SUBMIT-REPORT or a SMS-DELIVERY-REPORT. Set P2P direction accordingly.
svn path=/trunk/; revision=47927
epan/show_exception.c, as it's used outside
epan/dissectors/packet-frame.c. Update their callers to include
<epan/show_exception.h> to get their declaration.
Add a CATCH_NONFATAL_ERRORS macro that catches all exceptions that, if
there's more stuff in the packet to dissect after the dissector call
that threw the exception, doesn't mean you shouldn't go ahead and
dissect that stuff. Use it in all those cases, including ones where
BoundsError was inappropriately being caught (you want those passed up
to the top level, so that the packet is reported as having been cut
short in the capture process).
Add a CATCH_BOUNDS_ERRORS macro that catches all exceptions that
correspond to running past the end of the data for a tvbuff; use it
rather than explicitly catching those exceptions individually, and
rather than just catching all exceptions (the only place that
DissectorError should be caught, for example, is at the top level, so
dissector bugs show up in the protocol tree).
Don't catch and then immediately rethrow exceptions without doing
anything else; just let the exceptions go up to the final catcher.
Use show_exception() to report non-fatal errors, rather than doing it
yourself.
If a dissector is called from Lua, catch all non-fatal errors and use
show_exception() to report them rather than catching only
ReportedBoundsError and adding a proto_malformed item.
Don't catch exceptions when constructing a trailer tvbuff in
packet-ieee8023.c - just construct it after the payload has been
dissected, and let whatever exceptions that throws be handled at the top
level.
Avoid some TRY/CATCH/ENDTRY cases by using checks such as
tvb_bytes_exist() before even looking in the tvbuff.
svn path=/trunk/; revision=47924
put the length, identifier, and value as visible sub-items underneath
it. If the length is bad, add an expert info indication under the item
for the length, rather than using proto_malformed. Add checks for the
lengths of each type of subvector.
Add some more subvector types from IEEE 802.5-1998, and use the names
from that spec.
svn path=/trunk/; revision=47923
the compressed data, put the entries for particular parts of that data
under that entry, and, when we have a problem decompressing, add an
expert info item to that entry, rather than just adding text or using
proto_malformed. Do so for *all* decompression problems; in particular,
check for decompressed_entry() returning NULL, which it can do.
tvb_new_child_real_data() won't throw an exception, so don't bother
checking for that.
If, after the first pass, we can't find the uncompressed data for a
frame, report it as a dissector bug.
Check whether we have room for a byte in the uncompressed data buffer
*before* copying it.
Other cleanups.
svn path=/trunk/; revision=47922
way we don't keep two copies of the fragments in memory until the file is
closed.
wmem is probably a better alternative to this.
svn path=/trunk/; revision=47897
Support AES-GCM ipsec encryption using CTR (since libgcrypt doesn't support
GCM). Using CTR instead gets us decryption, but does not verify authentication.
svn path=/trunk/; revision=47886
If the SSID isn't valid UTF-8 truncate it and indicate that we did so.
(As bug 5738 points out this is part of a more general problem but in
the meantime this keeps us from crashing.)
Don't try to decrypt too-long SSIDs.
I feel compelled to change my SSID at home to a series of carriage
returns, linefeeds, and SNOWMAN (U+2603).
svn path=/trunk/; revision=47871
- fix dissection of type 0 packets with large CID
- add dissection of type 1 and 2 packets (extension 3 dissection to be done)
- add dissection of UDP checksum
svn path=/trunk/; revision=47869
check_offset_length() are always passed the captured length and reported
length of a tvbuff; just pass a pointer to the tvbuff, instead.
Eliminate some extra blank lines.
svn path=/trunk/; revision=47868
tvb_new_with_subset(), and is not called anywhere other than immediately
after calls to tvb_new_with_subset(); absorb it into tvb_new_with_subset().
svn path=/trunk/; revision=47867
Minor corrections to the VHT IE decode
* Correct the Rx, Tx and Basic MCS map decodes. The number of Spatial streams should run from 1-8 (not 0-7).
* Change Several misstyped Mhz into MHz
From me:
Remove comma for big number (use space)
Add Octets unit in some hf description
svn path=/trunk/; revision=47858
Don't pass a length longer than the strlen of the string into
format_text(). This can happen if the length we ask for from the
tvb overflows, for example.
svn path=/trunk/; revision=47839
- use a gboolean instead of an int where appropriate
- comment out an unnecessary variable assignment
- move some other assignments to before the address of the variable is taken;
this makes the data flow more natural and cleans up some cppcheck warnings
svn path=/trunk/; revision=47811
1. Allow to DecodeBy payload over AVCTP
2. Fix L2CAP CID payload recognize after disc
3. Removed unneeded _U_
4. Fall back to control channel in AVRCP
5. Fix time-tracking for passthrough and capability AVRCP commands
From Michal Labedzki, bug 8367 (https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8367)
svn path=/trunk/; revision=47810
In some cases these malformed frames trigger a DISSECTOR_ASSERT() in proto.c's proto_item_set_len(). This happens when packet-ieee80211.c's dissect_ieee80211_mgt() calls packet-ieee80211.c's get_tagged_parameter_tree() with a "size" parameter value of -1.
From me:
Replace by proto_tree_add_item with -1 length (and use FT_NONE ftype)
svn path=/trunk/; revision=47795
The problem is when Wireshark dissect CAPWAP packets from Cisco without preference "Cisco Wireless Controller Support"
In this case the whole packet decoded wrong, not only Wireless Specific Information field in CAPWAP header
I suggest following patch to dissect_capwap_header function to always return correct length of CAPWAP header based on HLEN header field
From me:
Add expert info to display a warning about Calculate length and Header length are different (and suggest to activate Cisco Wireless Controller Support Preference)
svn path=/trunk/; revision=47793
1) hf_reload_dmflags is 8 bytes, not 64 bytes.
2) Swap dissection order of dmflags and length.
3) Register ett_reload_self_tuning_data and ett_reload_diagnosticrequest.
#BACKPORT(1.8)
svn path=/trunk/; revision=47789
Fix the Lua tostring() method on FieldInfo objects such that it always returns
a string, although the string might be '(unknown)', '(none)', or '(n/a)'. This
is more conformant to Lua's API style.
Also create a new 'FieldInfo.display' accessor table member, which Lua
scripts can use instead of tostring() to get what the GUI displays.
From me:
Misc indentation fixes, remove redundant 'return' statement.
svn path=/trunk/; revision=47783
tvbuff, and a length from that offset, and returns a subset tvbuff
referring to that data (or throws an exception). This does what most if
not all calls to tvb_new_subset() (other than the ones that really
should be calls to tvb_new_subset_remaining()) should be doing, i.e.
setting the reported length of the tvbuff to the specified length and
calculating the appropriate value of the captured length based on that.
We aren't using it yet, but we will....
svn path=/trunk/; revision=47768
In fixing this bug, also fix another: Be sure to use tvb_length() and not tvb_reported_length() in get_utp_version(), since this is essentially where the heuristics are being applied to decide whether to accept the packet or not.
svn path=/trunk/; revision=47761
tvb_set_subset(); code should use tvb_new_real_data() and various
tvb_new_subset routines. (Neither tvb_new() nor tvb_set_real_data() nor
tvb_set_subset() were exported in libwireshark.def, nor were they used
outside tvbuff.c; tvb_set_real_data() and tvb_set_subset() weren't even
being used *inside* tvbuff.c.)
svn path=/trunk/; revision=47753
routines to create new tvbuffs that do what dissectors need to do, and
those are the only routines that should be used.
svn path=/trunk/; revision=47752
tvbuff and runs to the end of the tvbuff? Let me count the ways....
Replace a bunch of different ways of doing that (some incorrect, in that
they're not properly handling tvbuffs where the captured and reported
lengths are different) with tvb_new_subset_remaining().
svn path=/trunk/; revision=47751
preferences (currently hidden) to disable updates, set the update
frequency, and set the update "channel" (stable vs development). Add a
"Help" menu item to manually check for updates.
svn path=/trunk/; revision=47748
checksummed, which is the length of the TPDU, not that length + 1.
Calculate the TPDU length correctly - use
tvb_reported_length_remaining(), not tvb_length_remaining() (we want the
*actual* length, not the amount of captured data we have), and take the
offset handed to the dissector routine into account. Don't take the
length indicator into account for TPDUs with user data, as they run to
the end of the lower-level packet containing the TPDU(s). The CLTP UD
TPDU contains user data.
Note that this dissects both COTP *and* CLTP (that's why it's
"packet-ositp.c", not "packet-cotp.c").
Separate some groups of #includes with blank lines.
svn path=/trunk/; revision=47745
it's been used in an rtp_set_address() or srtp_set_address() call and,
if that Boolean is set, don't free the hash table; this fixes a case
where the hash table was freed while it was in use.
svn path=/trunk/; revision=47740
an int, so don't use enums for special values of the PLP length field.
In addition, use G_GINT64_CONSTANT() to tag them as appropriate for a
guint64.
svn path=/trunk/; revision=47737
Misc. fixes to the SML dissector:
- one more define added
- removed data_handle (unused)
- removed "check = tvb_get_guint8(tvb, temp_offset);" (value hasn't changed)
- added PI_NOTE
- CRC fixed, calculation now correct if CRC is transmitted as UINT8
From me:
- clean up indentation
- change modelines to actually match the indentation most commonly used
svn path=/trunk/; revision=47736
Feed the tap before trying to dissect the payload. This prevents a malformed
payload from blocking the tap, resulting in incorrect RTP statistics.
svn path=/trunk/; revision=47729
Additionally:
1) Remove check_col()'s
2) Don't call expert_add_info_format() from within an if (tree) {} block.
3) tvb_reported_length_remaining() can return -1; be sure to handle it.
4) Misc. whitespace changes.
svn path=/trunk/; revision=47722
With small additional changes by me
Make many of the length and offset fields in the websocket dissector unsigned.
This fixes a case where we could attempt to malloc (unsigned)-1 bytes of memory.
Also fix one small copy-paste string typo.
svn path=/trunk/; revision=47700
This patch adds a check for a zero count to the existing sanity check code.
From me:
In addition drop superfluous sanity check.
svn path=/trunk/; revision=47692
Improve handling of truncated USB Configuration descriptors.
In contrast to other descriptor types, configuration descriptors have varying
lengths and may be quite long. This makes them much more prone to truncation
by a host that is cautious about reading large descriptors.
A real-world case has arisen where a host requests a partial configuration
descriptor of a USB webcam, and wireshark improperly reports that the response
is malformed.
Change configuration descriptor dissection to distinguish between truncation
induced by the host, which is not an error, and descriptor truncation or
reporting of invalid descriptor lengths by the device, which are.
This patch also relieves class-specific dissectors of the burden of checking
that the descriptor length and type fields are available, and that all the
bytes claimed by the descriptor length are also available.
svn path=/trunk/; revision=47676
Make length field unsigned so that negative values fail the bounds check and
throw a regular exception before getting passed to glib (where they cause a
program-ending assert failure instead).
svn path=/trunk/; revision=47672
function name isn't the same as the method name; this is used if we're
providing compatibility aliases for method names.
Use WSLUA_CLASS_FNREG() and WSLUA_CLASS_FNREG_ALIAS() for all method
registrations.
Fix the spelling of "prepend", but leave a compatibility alias in place.
svn path=/trunk/; revision=47667
The issue was that hash tables were being accessed after they were freed from a "rejected answer".
The code was also too generous in considering many SIP status codes as "rejected answers", so now less SIP status codes are treated as "rejected answers" and are ignored by the transport API.
svn path=/trunk/; revision=47652
- Fix various message handler message dissection bugs;
- Change all loops with a potentially large loop count
to be done only when 'tree' is non-null;
- Simplify code somewhat;
- Do some whitespace and formatting style changes.
svn path=/trunk/; revision=47647
Without this patch I get a crash on Linux and lots of
STATUS_ACCESS_VIOLATION and a single STATUS_INTEGER_DIVIDE_BY_ZERO on windows.
svn path=/trunk/; revision=47639
Without this patch I get a crash on Linux and lots of
STATUS_ACCESS_VIOLATION and a single STATUS_INTEGER_DIVIDE_BY_ZERO on windows.
svn path=/trunk/; revision=47638
Bluetooth: Improve support of MAP, PBAP, BPP and BIP in OBEX
Add support for recognize profiles using OBEX (by "Target"), then add
all Application Parameters specific for MAP, PBAP, BPP, BIP.
Also fix one FIXME, so now dissecting by OBEX does not cause malformed
frames while jumping over dissected packets.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8304
svn path=/trunk/; revision=47632